Setting DNSSEC Enable - BlueCat Address Manager - 9.0.0

Address Manager Administration Guide

BlueCat Address Manager

This option enables the server to respond to DNS requests from DNSSEC-aware servers. It can be set at the configuration, view, or server levels, and it should be set for any server to which signed zones are deployed.

When setting this option, select the Enabled check box on the Add DNS Deployment Option page. To disable this option but leave the deployment option in place in Address Manager, edit the option and deselect the Enabled check box.
Note: DNSSEC Enabled options will not be imported from, and cannot be deployed to Windows Server 2008, and Windows 2012 non-R2 servers. Address Manager does not prevent configuration of DNSSEC options for unsupported versions of Windows, since Address Manager is not aware of the version of a Managed Windows Server. Manually adding and attempting to deploy DNSSEC options to an unsupported version of Windows will result in a deployment error.

To set the DNSSEC Enable option:

  1. Navigate to the appropriate level in Address Manager (configuration, Windows server, or view).
  2. Click the Deployment Options tab.
  3. Click New, then select DNS Option.
  4. From the Option drop-down menu, select DNSSEC Enable.
  5. Check Enable DNSSEC to enable DNSSEC key on Windows.
  6. Click Add to add the option and return to the Deployment Options tab.